Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(58)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/base/cert_verify_result.h

Issue 6874039: Return the constructed certificate chain in X509Certificate::Verify() (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Ensure the EE cert is marked as a TLS server cert, not a CA cert Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | net/base/cert_verify_result.cc » ('j') | net/base/cert_verify_result.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/base/cert_verify_result.h
diff --git a/net/base/cert_verify_result.h b/net/base/cert_verify_result.h
index 7d885477db25b6a10b215cdec6b1fcb1c32a0706..b27a27d4388506cab8d8bbb76007c6b582a2222c 100644
--- a/net/base/cert_verify_result.h
+++ b/net/base/cert_verify_result.h
@@ -8,12 +8,14 @@
#include <vector>
+#include "base/memory/ref_counted.h"
#include "net/base/x509_cert_types.h"
namespace net {
-// The result of certificate verification. Eventually this may contain the
-// certificate chain that was constructed during certificate verification.
+class X509Certificate;
+
+// The result of certificate verification.
class CertVerifyResult {
public:
CertVerifyResult();
@@ -21,7 +23,16 @@ class CertVerifyResult {
void Reset();
- // Bitmask of CERT_STATUS_* from net/base/cert_status_flags.h
+ // The certificate and chain that were constructed during verification.
wtc 2011/07/26 00:16:35 Nit: were => was because only the chain was constr
+ // Note that the though the verified certificate will match the originally
+ // supplied certificate, the intermediate certificates stored within may
+ // be substantially different.
agl 2011/04/18 13:50:27 I think it's worth noting that, in the event of a
+ scoped_refptr<X509Certificate> verified_cert;
wtc 2011/04/20 23:39:30 It's better to return a CertificateList to avoid t
Ryan Sleevi 2011/04/20 23:44:34 As implemented, this means that the subject, issue
+
+ // Bitmask of CERT_STATUS_* from net/base/cert_status_flags.h. Note that
+ // these status flags apply to the certificate chain returned in
+ // |verified_certificate|, rather than the originally supplied certificate
wtc 2011/07/26 00:16:35 Typo: verified_certificate => verified_cert
+ // chain.
int cert_status;
// Properties of the certificate chain.
« no previous file with comments | « no previous file | net/base/cert_verify_result.cc » ('j') | net/base/cert_verify_result.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698